222 matches found
CVE-2022-0631
Heap-based Buffer Overflow in Homebrew mruby prior to 3.2...
Linux Distros Unpatched Vulnerability : CVE-2022-0481
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NULL Pointer Dereference in Homebrew mruby prior to 3.2. CVE-2022-0481 Note that Nessus relies on the presence of the package as reported by the vendor...
CVE-2024-42381
os/linux/elf.rb in Homebrew brew before 4.2.20 uses ldd to load ELF files obtained from untrusted sources, which allows attackers to achieve code execution via an ELF file with a custom .interp section. NOTE: this code execution would occur during an un-sandboxed binary relocation phase, which...
CVE-2024-42381
os/linux/elf.rb in Homebrew brew before 4.2.20 uses ldd to load ELF files obtained from untrusted sources, which allows attackers to achieve code execution via an ELF file with a custom .interp section. NOTE: this code execution would occur during an un-sandboxed binary relocation phase, which...
CVE-2024-42381
os/linux/elf.rb in Homebrew brew before 4.2.20 uses ldd to load ELF files obtained from untrusted sources, which allows attackers to achieve code execution via an ELF file with a custom .interp section. NOTE: this code execution would occur during an un-sandboxed binary relocation phase, which...
CVE-2024-42381
os/linux/elf.rb in Homebrew brew before 4.2.20 uses ldd to load ELF files obtained from untrusted sources, which allows attackers to achieve code execution via an ELF file with a custom .interp section. NOTE: this code execution would occur during an un-sandboxed binary relocation phase, which...
CVE-2024-42381
os/linux/elf.rb in Homebrew brew before 4.2.20 uses ldd to load ELF files obtained from untrusted sources, which allows attackers to achieve code execution via an ELF file with a custom .interp section. NOTE: this code execution would occur during an un-sandboxed binary relocation phase, which...
PT-2024-29909 · Homebrew · Homebrew
Name of the Vulnerable Software and Affected Versions: Homebrew versions prior to 4.2.20 Description: The issue allows attackers to achieve code execution via an ELF file with a custom .interp section. This occurs during an un-sandboxed binary relocation phase, before a user would expect executio...
Homebrew 安全漏洞
Homebrew is a package manager in the Homebrew open source. A security vulnerability exists in Homebrew versions prior to 4.2.20, which stems from os/linux/elf.rb's use of ldd to load ELF files obtained from untrusted sources. An attacker can achieve code execution via an ELF file with a custom...
CVE-2024-42381
In Homebrew, the Linux-specific file os/linux/elf.rb in brew prior to 4.2.20 uses ldd to load ELF files obtained from untrusted sources, enabling code execution via an ELF file with a custom .interp section during an un-sandboxed binary relocation phase. The tested vulnerable version is 237d1e783...
Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Microsoft
Collateral Damage Collateral Damage is a kernel exploit for Xb...
Sttr - Cross-Platform, Cli App To Perform Various Operations On String
sttr is command line software that allows you to quickly run various transformation operations on the string. // With input prompt sttr // Direct input sttr md5 "Hello World" // File input sttr md5 file.text sttr base64-encode image.jpg // Reading from different processor like cat, curl, printf...
longislandhomebrew.com Improper Access Control vulnerability OBB-3863752
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2024-23840 `goreleaser release --debug` shows secrets
GoReleaser builds Go binaries for several platforms, creates a GitHub release and then pushes a Homebrew formula to a tap repository. goreleaser release --debug log shows secret values used in the in the custom publisher. This vulnerability is fixed in 1.24.0...
Bearer - Code Security Scanning Tool (SAST) That Discover, Filter And Prioritize Security Risks And Vulnerabilities Leading To Sensitive Data Exposures (PII, PHI, PD)
Discover, filter, and prioritize security risks and vulnerabilities impacting your code. Bearer is a static application security testing SAST tool that scans your source code and analyzes your data flows to discover, filter and prioritize security risks and vulnerabilities leading to sensitive da...
This Week in Spring - February 28th, 2023
Hi, Spring fans! Welcome to another installment of This Week in Spring! I'm writing this installment from a hotel room in Dallas, Texas, in the USA. Last night I had the privilege of hanging out with some of my friends from the local Java scene. Today I meet with customers. It's going to be a nic...
SUSE CVE-2022-0326
NULL Pointer Dereference in Homebrew mruby prior to 3.2...
SUSE CVE-2022-0481
NULL Pointer Dereference in Homebrew mruby prior to 3.2...
SUSE CVE-2022-0525
Out-of-bounds Read in Homebrew mruby prior to 3.2...
SUSE CVE-2022-0570
Heap-based Buffer Overflow in Homebrew mruby prior to 3.2...